Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1.

Presentation transcript:

Fraud and Prevention: Lessons from the Fire Service August 24,

Today’s Discussion By the numbers Practical next steps Lessons from the fire service 2

Today’s Discussion Lessons from the fire service Practical next steps By the numbers 3

Government Data Breaches Since 2012: Selected losses of 30,000+ records. Entities shown: IRS; Aus. Img. Dept; US Office Of Personnel Mgmt [2nd Breach]; US Office Of Personnel Mgmt; Calif Dept of Child Svcs; Florida Dept of Juv Justice; Florida Courts; Kissinger Cables; Medicaid; Office of The Texas Attorney General; Washington Court System; South African Police; Greek Government. Source: informationisbeautiful.net. 4

“The South Carolina Department of Revenue data breach in 2012 exposed 3.6 million Social Security numbers to hackers.” -Government Technology 5

“Names, birth dates, Social Security numbers, and other personally identifiable information belonging to about 850,000 job seekers in Oregon was exposed after hackers gained illegal access to a database containing information at the State Employment Department.” -Information Week 6

“The personal data of an estimated 18 million current, former and prospective federal employees were affected by a cyber breach at the Office of Personnel Management.” -CNN 7

“Medicaid Suffers Massive $33M in Fraud in at Least 4 US States.” -Sputnik International 8

94M Government Records Since days between discovery and disclosure $201 per record breached $5.8M per breach Sources: “Rapid7 Report: Data Breaches in the Government Sector.” Rapid7. September 6, Cost of Data Breach Study, Ponemon Institute, Navigant Breach Report, March

Small & Medium Sized States… Large States… ~15M per month attacks ~10M per day attacks Source: NASCIO. Conveyed at the 2015 NASBO Annual Conference. 10

Less than half of all data breaches are due to malicious attacks: 44% malicious attacks, 31% human error, 25% system glitches. Source: 2014 Cost of Data Breach Study, Ponemon Institute, Navigant Breach Report, March

Today’s Discussion Practical next steps By the numbers Lessons from the fire service 12

every… a fire department responds to a fire one structure fire is reported one civilian fire injury is reported seconds seconds minutes Source: National Fire Protection Agency 13

1980: 734,000 home fires, 5,200 fire deaths. Today: 370,000 home fires, 2,520 fire deaths. Source: Michael J. Kartner. Fire Loss in the United States. 14

Q: How was the fire service able to achieve over a 50% decrease in each of these important areas? 15

A: Through vigilant and deliberate action across the fire service. Adequate Funding; Executive Support; Modern Technology; Visibility & Influence; Governance & Authority; Fire Professionals. 16

States face a lack of [sic] as it relates to cybersecurity and fraud prevention… Adequate Funding; Executive Support; Modern Technology; Visibility & Influence; Governance & Authority; Fire Security Professionals. Source: NASCIO State CIO Survey,

Today’s Discussion By the numbers Lessons from the fire service Practical next steps 18

Have a plan – A call to action from the NGA: Establish a governance and authority structure; Conduct risk assessments and allocate resources accordingly; Implement continuous vulnerability assessments; Create a culture of risk awareness. 19

Stop looking in the rear view mirror. Continuous Diagnostics & Monitoring tools can help. 20

“Too little attention has been placed on continuous controls monitoring by chief financial officers, internal auditors, and corporate risk management and compliance leaders… CCM solutions can increase operational efficiency for critical financial processes, reduce fraud and improve financial governance resulting in a substantial return on investment.” 21

Techniques for detecting and preventing fraud: Rules Based Analytics & Known Patterns; Data Science & Predictive Analytics. 22

Address the talent crisis: Hire the right professionals; Collaborate with HR and define career paths; Provide training and development for professionals. 23

All four layers of controls must be monitored across processes. 24

Establish a fraud prevention framework. 25

Questions? 26